adds consumer / owner field to alerts created by rule registry (elast…
dhurley14 authored May 6, 2021
1 parent 8c07c0f commit 68dc7d1
Showing 16 changed files with 66 additions and 22 deletions.
10 changes: 6 additions & 4 deletions x-pack/plugins/apm/common/alert_types.ts
@@ -10,6 +10,8 @@ import type { ValuesType } from 'utility-types';
import type { ActionGroup } from '../../alerting/common';
import { ANOMALY_SEVERITY, ANOMALY_THRESHOLD } from './ml_constants';

export const APM_SERVER_FEATURE_ID = 'apm';

export enum AlertType {
ErrorCount = 'apm.error_rate', // ErrorRate was renamed to ErrorCount but the key is kept as `error_rate` for backwards-compat.
TransactionErrorRate = 'apm.transaction_error_rate',
@@ -43,7 +45,7 @@ export const ALERT_TYPES_CONFIG: Record<
actionGroups: [THRESHOLD_MET_GROUP],
defaultActionGroupId: THRESHOLD_MET_GROUP_ID,
minimumLicenseRequired: 'basic',
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
},
[AlertType.TransactionDuration]: {
name: i18n.translate('xpack.apm.transactionDurationAlert.name', {
@@ -52,7 +54,7 @@ export const ALERT_TYPES_CONFIG: Record<
actionGroups: [THRESHOLD_MET_GROUP],
defaultActionGroupId: THRESHOLD_MET_GROUP_ID,
minimumLicenseRequired: 'basic',
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
},
[AlertType.TransactionDurationAnomaly]: {
name: i18n.translate('xpack.apm.transactionDurationAnomalyAlert.name', {
@@ -61,7 +63,7 @@ export const ALERT_TYPES_CONFIG: Record<
actionGroups: [THRESHOLD_MET_GROUP],
defaultActionGroupId: THRESHOLD_MET_GROUP_ID,
minimumLicenseRequired: 'basic',
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
},
[AlertType.TransactionErrorRate]: {
name: i18n.translate('xpack.apm.transactionErrorRateAlert.name', {
@@ -70,7 +72,7 @@ export const ALERT_TYPES_CONFIG: Record<
actionGroups: [THRESHOLD_MET_GROUP],
defaultActionGroupId: THRESHOLD_MET_GROUP_ID,
minimumLicenseRequired: 'basic',
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
},
};
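Review bot: The new `APM_SERVER_FEATURE_ID` constant has no comment saying what the value is tied to, and its `SERVER` name is misleading for a symbol that lives in `common/` and is imported by the public `AlertingFlyout` in this same commit. In this commit the value becomes the feature `id`, every rule `producer`, and the flyout `consumer`, so a later edit to the string would presumably affect rules that already exist (inferred from the backwards-compat remark on `AlertType.ErrorCount`; please confirm). I would add `// Kibana feature id for APM; also used as rule producer and consumer, do not change the value` directly above the declaration.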

@@ -8,7 +8,10 @@
import React, { useCallback, useMemo } from 'react';
import { useParams } from 'react-router-dom';
import { useKibana } from '../../../../../../../src/plugins/kibana_react/public';
import { AlertType } from '../../../../common/alert_types';
import {
AlertType,
APM_SERVER_FEATURE_ID,
} from '../../../../common/alert_types';
import { getInitialAlertValues } from '../get_initial_alert_values';
import { TriggersAndActionsUIPublicPluginStart } from '../../../../../triggers_actions_ui/public';
interface Props {
@@ -38,7 +41,7 @@ export function AlertingFlyout(props: Props) {
() =>
alertType &&
triggersActionsUi.getAddAlertFlyout({
consumer: 'apm',
consumer: APM_SERVER_FEATURE_ID,
onClose: onCloseAddFlyout,
alertTypeId: alertType,
canChangeTrigger: false,
4 changes: 2 additions & 2 deletions x-pack/plugins/apm/server/feature.ts
@@ -7,15 +7,15 @@

import { i18n } from '@kbn/i18n';
import { LicenseType } from '../../licensing/common/types';
import { AlertType } from '../common/alert_types';
import { AlertType, APM_SERVER_FEATURE_ID } from '../common/alert_types';
import { DEFAULT_APP_CATEGORIES } from '../../../../src/core/server';
import {
LicensingPluginSetup,
LicensingApiRequestHandlerContext,
} from '../../licensing/server';

export const APM_FEATURE = {
id: 'apm',
id: APM_SERVER_FEATURE_ID,
name: i18n.translate('xpack.apm.featureRegistry.apmFeatureName', {
defaultMessage: 'APM and User Experience',
}),
1 change: 1 addition & 0 deletions x-pack/plugins/apm/server/index.ts
@@ -120,6 +120,7 @@ export function mergeConfigs(
export const plugin = (initContext: PluginInitializerContext) =>
new APMPlugin(initContext);

export { APM_SERVER_FEATURE_ID } from '../common/alert_types';
export { APMPlugin } from './plugin';
export { APMPluginSetup } from './types';
export { APMServerRouteRepository } from './routes/get_global_apm_server_route_repository';
@@ -22,6 +22,7 @@ import { apmActionVariables } from './action_variables';
import { alertingEsClient } from './alerting_es_client';
import { RegisterRuleDependencies } from './register_apm_alerts';
import { createAPMLifecycleRuleType } from './create_apm_lifecycle_rule_type';
import { APM_SERVER_FEATURE_ID } from '../../../common/alert_types';

const paramsSchema = schema.object({
windowSize: schema.number(),
@@ -55,7 +56,7 @@ export function registerErrorCountAlertType({
apmActionVariables.interval,
],
},
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
minimumLicenseRequired: 'basic',
executor: async ({ services, params }) => {
const config = await config$.pipe(take(1)).toPromise();
@@ -9,7 +9,11 @@ import { schema } from '@kbn/config-schema';
import { take } from 'rxjs/operators';
import { QueryContainer } from '@elastic/elasticsearch/api/types';
import { parseEnvironmentUrlParam } from '../../../common/environment_filter_values';
import { AlertType, ALERT_TYPES_CONFIG } from '../../../common/alert_types';
import {
AlertType,
ALERT_TYPES_CONFIG,
APM_SERVER_FEATURE_ID,
} from '../../../common/alert_types';
import {
PROCESSOR_EVENT,
SERVICE_ENVIRONMENT,
@@ -65,7 +69,7 @@ export function registerTransactionDurationAlertType({
apmActionVariables.interval,
],
},
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
minimumLicenseRequired: 'basic',
executor: async ({ services, params }) => {
const config = await config$.pipe(take(1)).toPromise();
@@ -24,6 +24,7 @@ import {
AlertType,
ALERT_TYPES_CONFIG,
ANOMALY_ALERT_SEVERITY_TYPES,
APM_SERVER_FEATURE_ID,
} from '../../../common/alert_types';
import { getMLJobs } from '../service_map/get_service_anomalies';
import { apmActionVariables } from './action_variables';
@@ -70,7 +71,7 @@ export function registerTransactionDurationAnomalyAlertType({
apmActionVariables.triggerValue,
],
},
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
minimumLicenseRequired: 'basic',
executor: async ({ services, params }) => {
if (!ml) {
@@ -7,7 +7,11 @@

import { schema } from '@kbn/config-schema';
import { take } from 'rxjs/operators';
import { AlertType, ALERT_TYPES_CONFIG } from '../../../common/alert_types';
import {
AlertType,
ALERT_TYPES_CONFIG,
APM_SERVER_FEATURE_ID,
} from '../../../common/alert_types';
import {
EVENT_OUTCOME,
PROCESSOR_EVENT,
@@ -59,7 +63,7 @@ export function registerTransactionErrorRateAlertType({
apmActionVariables.interval,
],
},
producer: 'apm',
producer: APM_SERVER_FEATURE_ID,
minimumLicenseRequired: 'basic',
executor: async ({ services, params: alertParams }) => {
const config = await config$.pipe(take(1)).toPromise();
@@ -28,6 +28,7 @@ export const baseRuleFieldMap = {
'kibana.rac.alert.severity.level': { type: 'keyword' },
'kibana.rac.alert.severity.value': { type: 'long' },
'kibana.rac.alert.status': { type: 'keyword' },
'kibana.rac.alert.owner': { type: 'keyword' },
} as const;

export type BaseRuleFieldMap = typeof baseRuleFieldMap;
@@ -17,6 +17,8 @@ import { TypeOfFieldMap } from '../../../common';
import { ScopedRuleRegistryClient, EventsOf } from './types';
import { BaseRuleFieldMap } from '../../../common';
import { RuleRegistry } from '..';
import { SERVER_APP_ID } from '../../../../security_solution/server';
import { APM_SERVER_FEATURE_ID } from '../../../../apm/server';

const createPathReporterError = (either: Either<Errors, unknown>) => {
const error = new Error(`Failed to validate alert event`);
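Review bot: The two added imports, `SERVER_APP_ID` from `security_solution/server` and `APM_SERVER_FEATURE_ID` from `apm/server`, are not used anywhere in the visible part of this file, and they make rule_registry import from plugins that appear to depend on rule_registry themselves. The same pair is added to `x-pack/plugins/rule_registry/server/types.ts`, where no use is visible either. If they are leftovers, drop them; if an owner allow-list is planned, the permitted owner ids would be better supplied by the registering plugin than imported into the registry. The rest of both files lies outside the shown hunks, so a use further down cannot be ruled out.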
@@ -10,7 +10,7 @@ import v4 from 'uuid/v4';
import { Mutable } from 'utility-types';
import { AlertInstance } from '../../../../alerting/server';
import { ActionVariable, AlertInstanceState } from '../../../../alerting/common';
import { RuleParams, RuleType } from '../../types';
import { AlertAttributes, RuleParams, RuleType } from '../../types';
import { BaseRuleFieldMap, OutputOfFieldMap } from '../../../common';
import { PrepopulatedRuleEventFields } from '../create_scoped_rule_registry_client/types';
import { RuleRegistry } from '..';
@@ -68,6 +68,13 @@ export function createLifecycleRuleTypeFactory(): CreateLifecycleRuleType<BaseRu
rule,
} = options;

const so = await options.services.savedObjectsClient.get<AlertAttributes>(
'alert',
rule.uuid
);

console.error('RULE REGISTRY CONSUMER', so.attributes.consumer);

const decodedState = wrappedStateRt.decode(previousState);

const state = isLeft(decodedState)
@@ -169,7 +176,7 @@ export function createLifecycleRuleTypeFactory(): CreateLifecycleRuleType<BaseRu
'@timestamp': timestamp,
'event.kind': 'state',
'kibana.rac.alert.id': alertId,
// 'owner': ''
'kibana.rac.alert.owner': so.attributes.consumer,
};

const isNew = !state.trackedAlerts[alertId];
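Review bot: `console.error('RULE REGISTRY CONSUMER', so.attributes.consumer);` in the first hunk looks like a debugging leftover: it writes a rule attribute to stderr at error severity on every execution and bypasses the plugin's logger configuration. Remove it, or route it through the logger at debug level if one is available in this scope. The `savedObjectsClient.get<AlertAttributes>('alert', rule.uuid)` call just before it is unguarded, so a failed or unauthorised read rejects the executor before any event is written; if that is intended, say so in a comment. The second hunk then stores `so.attributes.consumer` as `'kibana.rac.alert.owner'` without any check, so a comment such as `// owner is copied as-is from the rule saved object's consumer` would make the trust assumption explicit. The executor body starts and ends outside these hunks.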
18 changes: 18 additions & 0 deletions x-pack/plugins/rule_registry/server/types.ts
@@ -18,9 +18,27 @@ import { RuleRegistry } from './rule_registry';
import { RacClient } from './rac_client/rac_client';
import { ScopedRuleRegistryClient } from './rule_registry/create_scoped_rule_registry_client/types';
import { BaseRuleFieldMap } from '../common';
import { SERVER_APP_ID } from '../../security_solution/server';
import { APM_SERVER_FEATURE_ID } from '../../apm/server';

export type RuleParams = Type<any>;

export interface AlertAttributes<T extends RuleParams = RuleParams> {
// actions: RuleAlertAction[];
consumer: string;
enabled: boolean;
name: string;
tags: string[];
createdBy: string;
createdAt: string;
updatedBy: string;
schedule: {
interval: string;
};
throttle: string;
params: T;
}

type TypeOfRuleParams<TRuleParams extends RuleParams> = TypeOf<TRuleParams>;

type RuleExecutorServices<
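Review bot: The new `AlertAttributes` interface is a second hand-written copy of the `'alert'` saved-object shape, since a same-named interface in the security solution's signal types gains `consumer` in this same commit, and it ships with a commented-out `// actions: RuleAlertAction[];` line. Two copies can drift, and the lifecycle rule factory now reads `consumer` through this one. Prefer reusing a type exported by the alerting plugin if one exists. Otherwise delete the commented-out field and add a doc comment such as `/** Subset of the 'alert' saved object attributes read by the rule registry. */`.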
@@ -25,12 +25,11 @@ import { generateSignalId, wrapBuildingBlocks, wrapSignal } from './utils';
// format search_after result for signals index.
export const buildBulkBody = (
ruleSO: SavedObject<AlertAttributes>,
doc: SignalSourceHit,
owner: typeof SERVER_APP_ID
doc: SignalSourceHit
): SignalHit => {
const rule = buildRuleWithOverrides(ruleSO, doc._source!);
const signal: Signal = {
...buildSignal([doc], rule, owner),
...buildSignal([doc], rule, ruleSO.attributes.consumer),
...additionalSignalFields(doc),
};
const event = buildEventTypeSignal(doc);
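Review bot: `buildSignal([doc], rule, ruleSO.attributes.consumer)` replaces a compile-time constant with whatever string the rule saved object holds, and `buildSignal` widens its parameter to `owner: string // typeof SERVER_APP_ID` to accept it. If the owner field is meant to decide who may read or update an alert, an unexpected consumer value would now be indexed unchecked. Consider keeping a narrow type (a union of the known owner ids) and validating the consumer before the signal is built, and drop the trailing `// typeof SERVER_APP_ID` comment either way. `SERVER_APP_ID` may also be left unused in the file that defines `singleBulkCreate` once both call sites stop passing it; its import block is outside the shown hunks.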
@@ -80,7 +80,7 @@ export const removeClashes = (doc: BaseSignalHit): BaseSignalHit => {
export const buildSignal = (
docs: BaseSignalHit[],
rule: RulesSchema,
owner: typeof SERVER_APP_ID
owner: string // typeof SERVER_APP_ID
): Signal => {
const _meta = {
version: SIGNALS_TEMPLATE_VERSION,
@@ -123,7 +123,7 @@ export const singleBulkCreate = async ({
),
},
},
buildBulkBody(ruleSO, doc, SERVER_APP_ID),
buildBulkBody(ruleSO, doc),
]);
const start = performance.now();
const { body: response } = await services.scopedClusterClient.asInternalUser.bulk({
@@ -142,7 +142,7 @@ export const singleBulkCreate = async ({
.map((doc, index) => ({
_id: response.items[index].create?._id ?? '',
_index: response.items[index].create?._index ?? '',
...buildBulkBody(ruleSO, doc, SERVER_APP_ID),
...buildBulkBody(ruleSO, doc),
}))
.filter((_, index) => get(response.items[index], 'create.status') === 201);
const createdItemsCount = createdItems.length;
@@ -227,6 +227,7 @@ export interface SignalHit {

export interface AlertAttributes<T extends RuleParams = RuleParams> {
actions: RuleAlertAction[];
consumer: string;
enabled: boolean;
name: string;
tags: string[];